Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.
Fixes

Solution

Update Mattermost to versions 10.5.0, 10.4.2, 9.11.8, 10.3.3, 10.2.3 or higher. Alternatively, update the Mattermost Boards plugin to v9.0.5 or higher.


Workaround

No workaround given by the vendor.

References
History

Thu, 02 Oct 2025 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Mattermost
Mattermost mattermost Server
CPEs cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
Vendors & Products Mattermost
Mattermost mattermost Server

Mon, 24 Feb 2025 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 24 Feb 2025 07:45:00 +0000

Type Values Removed Values Added
Description Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.
Title Arbitrary file read in Mattermost Boards via import & export board archive
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Mattermost

Published:

Updated: 2025-02-24T11:22:50.849Z

Reserved: 2025-02-18T11:11:14.677Z

Link: CVE-2025-25279

cve-icon Vulnrichment

Updated: 2025-02-24T11:22:47.426Z

cve-icon NVD

Status : Analyzed

Published: 2025-02-24T08:15:10.607

Modified: 2025-10-02T18:19:20.400

Link: CVE-2025-25279

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.